From nobody Wed Aug 13 16:09:29 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31A501A0115 for ; Wed, 13 Aug 2014 16:09:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.57 X-Spam-Level: X-Spam-Status: No, score=-102.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RWZ1LtYvhHkN for ; Wed, 13 Aug 2014 16:09:25 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) by ietfa.amsl.com (Postfix) with ESMTP id 6C4841A0114 for ; Wed, 13 Aug 2014 16:09:25 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id 43A1F18000E; Wed, 13 Aug 2014 16:07:34 -0700 (PDT) To: scott@kitterman.com, barryleiba@computer.org, presnick@qti.qualcomm.com, sm+ietf@elandsys.com, ajs@anvilwalrusden.com X-PHP-Originating-Script: 6000:errata_mail_lib.php From: RFC Errata System Message-Id: <20140813230734.43A1F18000E@rfc-editor.org> Date: Wed, 13 Aug 2014 16:07:34 -0700 (PDT) Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/KmVU1P1dHKTezjiVsNxVHRjB_Vc Cc: spfbis@ietf.org, d.stussy@yahoo.com, rfc-editor@rfc-editor.org Subject: [spfbis] [Technical Errata Reported] RFC7208 (4081) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2014 23:09:27 -0000 The following errata report has been submitted for RFC7208, "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4081 -------------------------------------- Type: Technical Reported by: D. Stussy Section: 8.4 Original Text ------------- (Paragraph 2): if supported, the 5.7.1 enhanced status code ... 550 5.7.1 SPF MAIL FROM check failed: 550 5.7.1 The domain example.com explains: 550 5.7.1 Please see http://www.example.com/mailpolicy.html Corrected Text -------------- if supported, the 5.7.7 enhanced status code ... 550 5.7.7 SPF MAIL FROM check failed: 550 5.7.7 The domain example.com explains: 550 5.7.7 Please see http://www.example.com/mailpolicy.html Notes ----- 5.7.1 generally refers to messages refused due to content or LOCAL policies. 5.7.7 refers to messages where there is an integrity problem. 5.7.7 is a better description for rejecting an unauthorized message due to the application of automatic checking criterion set by remote validation. The author of this errata notes that the IANA is showing a pending addition to the enhanced codes to add SPF-specific error code 5.7.23 (in lieu of 5.7.1 or 5.7.7), but currently sees no valid RFC proposing it. The draft is located at: http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7208 (draft-ietf-spfbis-4408bis-21) -------------------------------------- Title : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 Publication Date : April 2014 Author(s) : S. Kitterman Category : PROPOSED STANDARD Source : SPF Update Area : Applications Stream : IETF Verifying Party : IESG From nobody Wed Aug 13 16:15:03 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F322A1A0222 for ; Wed, 13 Aug 2014 16:15:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.57 X-Spam-Level: X-Spam-Status: No, score=-102.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5LsIJY1YxBHx for ; Wed, 13 Aug 2014 16:14:57 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) by ietfa.amsl.com (Postfix) with ESMTP id C1C8F1A00D7 for ; Wed, 13 Aug 2014 16:14:57 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id 9680818000E; Wed, 13 Aug 2014 16:13:06 -0700 (PDT) To: scott@kitterman.com, barryleiba@computer.org, presnick@qti.qualcomm.com, sm+ietf@elandsys.com, ajs@anvilwalrusden.com X-PHP-Originating-Script: 6000:errata_mail_lib.php From: RFC Errata System Message-Id: <20140813231306.9680818000E@rfc-editor.org> Date: Wed, 13 Aug 2014 16:13:06 -0700 (PDT) Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/EfnjdjCzV7iUHko6Cq1nstQ8CAI Cc: spfbis@ietf.org, d.stussy@yahoo.com, rfc-editor@rfc-editor.org Subject: [spfbis] [Technical Errata Reported] RFC7208 (4082) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2014 23:15:01 -0000 The following errata report has been submitted for RFC7208, "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082 -------------------------------------- Type: Technical Reported by: D. Stussy Section: 8.7 Original Text ------------- ... If the message is rejected during the SMTP transaction for this reason, the software SHOULD use an SMTP reply code of 550 and, if supported, the 5.5.2 enhanced status code ... Corrected Text -------------- ... If the message is rejected during the SMTP transaction for this reason, the software SHOULD use an SMTP reply code of 550 and, if supported, the 5.7.8 enhanced status code ... Notes ----- 5.5.2 refers to responses where there's an SMTP COMMAND syntax error. 5.7.8 refers to messages where authentication credentials are invalid. 5.7.8 is a better description for rejecting an unauthorized message due to the application of invalid authentication credentials such as bad syntax in an SPF DNS record. The author of this errata notes that the IANA is showing a pending addition to the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of 5.5.2 or 5.7.8), but currently sees no valid RFC proposing it. The draft is located at: http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 The use of 5.5.2 here is misleading since the source of the error is not the SMTP command stream. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7208 (draft-ietf-spfbis-4408bis-21) -------------------------------------- Title : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 Publication Date : April 2014 Author(s) : S. Kitterman Category : PROPOSED STANDARD Source : SPF Update Area : Applications Stream : IETF Verifying Party : IESG From nobody Wed Aug 13 16:26:35 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 740361A03E1 for ; Wed, 13 Aug 2014 16:26:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.141 X-Spam-Level: X-Spam-Status: No, score=-0.141 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_INFO=1.448, HOST_MISMATCH_NET=0.311] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ya8tD_rwY7XZ for ; Wed, 13 Aug 2014 16:26:27 -0700 (PDT) Received: from mx1.yitter.info (ow5p.x.rootbsd.net [208.79.81.114]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E07E1A041B for ; Wed, 13 Aug 2014 16:26:27 -0700 (PDT) Received: from mx1.yitter.info (unknown [50.189.173.0]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.yitter.info (Postfix) with ESMTPSA id DD0848A031; Wed, 13 Aug 2014 23:26:25 +0000 (UTC) Date: Wed, 13 Aug 2014 19:26:24 -0400 From: Andrew Sullivan To: Scott Kitterman Message-ID: <20140813232624.GM48135@mx1.yitter.info> References: <20140813230734.43A1F18000E@rfc-editor.org> <6ff7d3b8-be20-4407-931a-41605e129d1a@email.android.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6ff7d3b8-be20-4407-931a-41605e129d1a@email.android.com> User-Agent: Mutt/1.5.21 (2010-09-15) Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/YnvG6DeowZ4Ui6cyNLZuSgVBMmM Cc: presnick@qti.qualcomm.com, sm+ietf@elandsys.com, spfbis@ietf.org, d.stussy@yahoo.com, barryleiba@computer.org, RFC Errata System Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4081) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2014 23:26:33 -0000 I agree with Scott's argument, but even if I didn't it wouldn't be correct to do this in an erratum. It's a substantive change to the protocol. It should be rejected. Best regards, A On Wed, Aug 13, 2014 at 07:19:48PM -0400, Scott Kitterman wrote: > I believe this should be rejected. > > RFC7208 doesn't specify that messages should be rejected. A decision to reject is a local policy decision. 5.7.1 is the correct code. > > In any case, draft-ietf-appsawg-email-auth-codes updates RFC7208 on this exact question, so the point will shortly be moot anyway. > > Scott K > > On August 13, 2014 7:07:34 PM EDT, RFC Errata System wrote: > >The following errata report has been submitted for RFC7208, > >"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, > >Version 1". > > > >-------------------------------------- > >You may review the report below and at: > >http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4081 > > > >-------------------------------------- > >Type: Technical > >Reported by: D. Stussy > > > >Section: 8.4 > > > >Original Text > >------------- > >(Paragraph 2): if supported, the 5.7.1 enhanced status code > >... > > > > 550 5.7.1 SPF MAIL FROM check failed: > > 550 5.7.1 The domain example.com explains: > > 550 5.7.1 Please see http://www.example.com/mailpolicy.html > > > > > >Corrected Text > >-------------- > >if supported, the 5.7.7 enhanced status code > >... > > > > 550 5.7.7 SPF MAIL FROM check failed: > > 550 5.7.7 The domain example.com explains: > > 550 5.7.7 Please see http://www.example.com/mailpolicy.html > > > > > >Notes > >----- > >5.7.1 generally refers to messages refused due to content or LOCAL > >policies. > >5.7.7 refers to messages where there is an integrity problem. > > > >5.7.7 is a better description for rejecting an unauthorized message due > >to the application of automatic checking criterion set by remote > >validation. > > > >The author of this errata notes that the IANA is showing a pending > >addition to the enhanced codes to add SPF-specific error code 5.7.23 > >(in lieu of 5.7.1 or 5.7.7), but currently sees no valid RFC proposing > >it. The draft is located at: > >http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 > > > >Instructions: > >------------- > >This erratum is currently posted as "Reported". If necessary, please > >use "Reply All" to discuss whether it should be verified or > >rejected. When a decision is reached, the verifying party (IESG) > >can log in to change the status and edit the report, if necessary. > > > >-------------------------------------- > >RFC7208 (draft-ietf-spfbis-4408bis-21) > >-------------------------------------- > >Title : Sender Policy Framework (SPF) for Authorizing Use > >of Domains in Email, Version 1 > >Publication Date : April 2014 > >Author(s) : S. Kitterman > >Category : PROPOSED STANDARD > >Source : SPF Update > >Area : Applications > >Stream : IETF > >Verifying Party : IESG -- Andrew Sullivan ajs@anvilwalrusden.com From nobody Wed Aug 13 19:01:36 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E51041A03E3 for ; Wed, 13 Aug 2014 16:19:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q9AUW5CQZUWp for ; Wed, 13 Aug 2014 16:19:44 -0700 (PDT) Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [208.43.65.50]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76CA11A03E1 for ; Wed, 13 Aug 2014 16:19:43 -0700 (PDT) Received: from mailout03.controlledmail.com (localhost [127.0.0.1]) by mailout03.controlledmail.com (Postfix) with ESMTP id 3826895600C; Wed, 13 Aug 2014 19:19:42 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2014-01; t=1407971982; bh=p5nmKwlCNW+49x295Lqtf8+75VgTROEa9On5AtloXQg=; h=In-Reply-To:References:Subject:From:Date:To:CC:From; b=cuhRxkJ0wfRfyDox9Vk/5anyr60JheY6l6pDpqx0Og3q3JuDRJD+XqjADhz2Q3wEH Vh882O96JN8ED+lE35YrU1AMa0v7JjyzkGDTCJI/id/bPV0O+u5MePb9wrOrkOc+O3 7SQvEW0TY//OMEABAia6RC37p2anUWvezuno0+n8= Received: from [IPV6:2600:1003:b112:61a2:b846:f226:2e3e:11] (unknown [IPv6:2600:1003:b112:61a2:b846:f226:2e3e:11]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 56244D046AF; Wed, 13 Aug 2014 19:19:40 -0400 (EDT) User-Agent: K-9 Mail for Android In-Reply-To: <20140813230734.43A1F18000E@rfc-editor.org> References: <20140813230734.43A1F18000E@rfc-editor.org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----17DO393C6CGSO8BZ493GKLU67IXTLV" Content-Transfer-Encoding: 8bit From: Scott Kitterman Date: Wed, 13 Aug 2014 19:19:48 -0400 To: RFC Errata System , barryleiba@computer.org, presnick@qti.qualcomm.com, sm+ietf@elandsys.com, ajs@anvilwalrusden.com Message-ID: <6ff7d3b8-be20-4407-931a-41605e129d1a@email.android.com> X-AV-Checked: ClamAV using ClamSMTP Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/fBkJYqcg4B3h5auCCFkW8u5nH0w X-Mailman-Approved-At: Wed, 13 Aug 2014 19:01:34 -0700 Cc: spfbis@ietf.org, d.stussy@yahoo.com Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4081) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2014 23:19:48 -0000 ------17DO393C6CGSO8BZ493GKLU67IXTLV Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 I believe this should be rejected. RFC7208 doesn't specify that messages should be rejected. A decision to reject is a local policy decision. 5.7.1 is the correct code. In any case, draft-ietf-appsawg-email-auth-codes updates RFC7208 on this exact question, so the point will shortly be moot anyway. Scott K On August 13, 2014 7:07:34 PM EDT, RFC Errata System wrote: >The following errata report has been submitted for RFC7208, >"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, >Version 1". > >-------------------------------------- >You may review the report below and at: >http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4081 > >-------------------------------------- >Type: Technical >Reported by: D. Stussy > >Section: 8.4 > >Original Text >------------- >(Paragraph 2): if supported, the 5.7.1 enhanced status code >... > > 550 5.7.1 SPF MAIL FROM check failed: > 550 5.7.1 The domain example.com explains: > 550 5.7.1 Please see http://www.example.com/mailpolicy.html > > >Corrected Text >-------------- >if supported, the 5.7.7 enhanced status code >... > > 550 5.7.7 SPF MAIL FROM check failed: > 550 5.7.7 The domain example.com explains: > 550 5.7.7 Please see http://www.example.com/mailpolicy.html > > >Notes >----- >5.7.1 generally refers to messages refused due to content or LOCAL >policies. >5.7.7 refers to messages where there is an integrity problem. > >5.7.7 is a better description for rejecting an unauthorized message due >to the application of automatic checking criterion set by remote >validation. > >The author of this errata notes that the IANA is showing a pending >addition to the enhanced codes to add SPF-specific error code 5.7.23 >(in lieu of 5.7.1 or 5.7.7), but currently sees no valid RFC proposing >it. The draft is located at: >http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 > >Instructions: >------------- >This erratum is currently posted as "Reported". If necessary, please >use "Reply All" to discuss whether it should be verified or >rejected. When a decision is reached, the verifying party (IESG) >can log in to change the status and edit the report, if necessary. > >-------------------------------------- >RFC7208 (draft-ietf-spfbis-4408bis-21) >-------------------------------------- >Title : Sender Policy Framework (SPF) for Authorizing Use >of Domains in Email, Version 1 >Publication Date : April 2014 >Author(s) : S. Kitterman >Category : PROPOSED STANDARD >Source : SPF Update >Area : Applications >Stream : IETF >Verifying Party : IESG ------17DO393C6CGSO8BZ493GKLU67IXTLV Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit I believe this should be rejected.

RFC7208 doesn't specify that messages should be rejected. A decision to reject is a local policy decision. 5.7.1 is the correct code.

In any case, draft-ietf-appsawg-email-auth-codes updates RFC7208 on this exact question, so the point will shortly be moot anyway.

Scott K

On August 13, 2014 7:07:34 PM EDT, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
The following errata report has been submitted for RFC7208,
"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1".


You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4081


Type: Technical
Reported by: D. Stussy <d.stussy@yahoo.com>

Section: 8.4

Original Text
-------------
(Paragraph 2):  if supported, the 5.7.1 enhanced status code
...

       550 5.7.1 SPF MAIL FROM check failed:
       550 5.7.1 The domain example.com explains:
       550 5.7.1 Please see http://www.example.com/mailpolicy.html


Corrected Text
--------------
if supported, the 5.7.7 enhanced status code
...

       550 5.7.7 SPF MAIL FROM check failed:
       550 5.7.7 The domain example.com explains:
       550 5.7.7 Please see http://www.example.com/mailpolicy.html


Notes
-----
5.7.1 generally refers to messages refused due to content or LOCAL policies.
5.7.7 refers to messages where there is an integrity problem.

5.7.7 is a better description for rejecting an unauthorized message due to the application of automatic checking criterion set by remote validation.

The author of this errata notes that the IANA is showing a pending addition to the enhanced codes to add SPF-specific error code 5.7.23 (in lieu of 5.7.1 or 5.7.7), but currently sees no valid RFC proposing it.  The draft is located at: http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary. 


RFC7208 (draft-ietf-spfbis-4408bis-21)

Title               : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1
Publication Date    : April 2014
Author(s)           : S. Kitterman
Category            : PROPOSED STANDARD
Source              : SPF Update
Area                : Applications
Stream              : IETF
Verifying Party     : IESG


------17DO393C6CGSO8BZ493GKLU67IXTLV-- From nobody Wed Aug 13 19:01:47 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 958FD1A0201 for ; Wed, 13 Aug 2014 16:30:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6OVbe3QbSlL9 for ; Wed, 13 Aug 2014 16:30:32 -0700 (PDT) Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [IPv6:2607:f0d0:3001:aa::2]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F1E31A0432 for ; Wed, 13 Aug 2014 16:30:29 -0700 (PDT) Received: from mailout03.controlledmail.com (localhost [127.0.0.1]) by mailout03.controlledmail.com (Postfix) with ESMTP id 45D02956013; Wed, 13 Aug 2014 19:30:28 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2014-01; t=1407972628; bh=J7ZH5nTPDM1jew6z//mc29ue/B+XSz73+0/4vWxiLv8=; h=In-Reply-To:References:Subject:From:Date:To:CC:From; b=PvhrEZFgXIxQGTRyLhZQ4m6VOGX5Idd6AGjJdI0+InwgucbPCd4ZEeE0bd1snR5RB r4kEAZQ8TH7DlK3l947sOLPadO6uMHeU8QZj6no7DQ7wC5U3VG9kRZ1zePm1lkZSoT Iz1hNXvMiX0QueX04ooJrkwBcvA5qKiB5jwYvAjs= Received: from [IPV6:2600:1003:b112:61a2:b846:f226:2e3e:11] (unknown [IPv6:2600:1003:b112:61a2:b846:f226:2e3e:11]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 8B360956011; Wed, 13 Aug 2014 19:30:27 -0400 (EDT) User-Agent: K-9 Mail for Android In-Reply-To: <20140813231306.9680818000E@rfc-editor.org> References: <20140813231306.9680818000E@rfc-editor.org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----L9YLWZ144FU9BOI08KEWPL6BS77JGQ" Content-Transfer-Encoding: 8bit From: Scott Kitterman Date: Wed, 13 Aug 2014 19:30:34 -0400 To: RFC Errata System , barryleiba@computer.org, presnick@qti.qualcomm.com, sm+ietf@elandsys.com, ajs@anvilwalrusden.com Message-ID: X-AV-Checked: ClamAV using ClamSMTP Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/oujvt7SapB-7rWu4I9GGsHW-qNM X-Mailman-Approved-At: Wed, 13 Aug 2014 19:01:45 -0700 Cc: spfbis@ietf.org, d.stussy@yahoo.com Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4082) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2014 23:30:35 -0000 ------L9YLWZ144FU9BOI08KEWPL6BS77JGQ Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 5.7.8 talks about things like incorrect password issues. That's not the kind of authentication at work for SPF. SPF is more strictly about authorization, not authentication. This should be rejected. Scott K On August 13, 2014 7:13:06 PM EDT, RFC Errata System wrote: >The following errata report has been submitted for RFC7208, >"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, >Version 1". > >-------------------------------------- >You may review the report below and at: >http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082 > >-------------------------------------- >Type: Technical >Reported by: D. Stussy > >Section: 8.7 > >Original Text >------------- >... If the message is rejected during the SMTP transaction for >this reason, the software SHOULD use an SMTP reply code of 550 >and, if supported, the 5.5.2 enhanced status code ... > >Corrected Text >-------------- >... If the message is rejected during the SMTP transaction for >this reason, the software SHOULD use an SMTP reply code of 550 >and, if supported, the 5.7.8 enhanced status code ... > >Notes >----- >5.5.2 refers to responses where there's an SMTP COMMAND syntax error. >5.7.8 refers to messages where authentication credentials are invalid. > >5.7.8 is a better description for rejecting an unauthorized message due >to the >application of invalid authentication credentials such as bad syntax in >an SPF DNS record. > >The author of this errata notes that the IANA is showing a pending >addition to >the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of >5.5.2 or >5.7.8), but currently sees no valid RFC proposing it. The draft is >located at: >http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 > >The use of 5.5.2 here is misleading since the source of the error is >not the >SMTP command stream. > >Instructions: >------------- >This erratum is currently posted as "Reported". If necessary, please >use "Reply All" to discuss whether it should be verified or >rejected. When a decision is reached, the verifying party (IESG) >can log in to change the status and edit the report, if necessary. > >-------------------------------------- >RFC7208 (draft-ietf-spfbis-4408bis-21) >-------------------------------------- >Title : Sender Policy Framework (SPF) for Authorizing Use >of Domains in Email, Version 1 >Publication Date : April 2014 >Author(s) : S. Kitterman >Category : PROPOSED STANDARD >Source : SPF Update >Area : Applications >Stream : IETF >Verifying Party : IESG ------L9YLWZ144FU9BOI08KEWPL6BS77JGQ Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit 5.7.8 talks about things like incorrect password issues. That's not the kind of authentication at work for SPF. SPF is more strictly about authorization, not authentication.

This should be rejected.

Scott K

On August 13, 2014 7:13:06 PM EDT, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
The following errata report has been submitted for RFC7208,
"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1".


You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082


Type: Technical
Reported by: D. Stussy <d.stussy@yahoo.com>

Section: 8.7

Original Text
-------------
...  If the message is rejected during the SMTP transaction for
this reason, the software SHOULD use an SMTP reply code of 550
and, if supported, the 5.5.2 enhanced status code ...

Corrected Text
--------------
...  If the message is rejected during the SMTP transaction for
this reason, the software SHOULD use an SMTP reply code of 550
and, if supported, the 5.7.8 enhanced status code ...

Notes
-----
5.5.2 refers to responses where there's an SMTP COMMAND syntax error.
5.7.8 refers to messages where authentication credentials are invalid.

5.7.8 is a better description for rejecting an unauthorized message due to the
application of invalid authentication credentials such as bad syntax in an SPF DNS record.

The author of this errata notes that the IANA is showing a pending addition to
the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of 5.5.2 or
5.7.8), but currently sees no valid RFC proposing it.  The draft is located at:
http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07

The use of 5.5.2 here is misleading since the source of the error is not the
SMTP command stream.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary,
please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary. 


RFC7208 (draft-ietf-spfbis-4408bis-21)

Title               : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1
Publication Date    : April 2014
Author(s)           : S. Kitterman
Category            : PROPOSED STANDARD
Source              : SPF Update
Area                : Applications
Stream              : IETF
Verifying Party     : IESG


------L9YLWZ144FU9BOI08KEWPL6BS77JGQ-- From nobody Thu Aug 14 06:30:12 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C5771A0408 for ; Thu, 14 Aug 2014 06:30:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.277 X-Spam-Level: X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XQ_BxLHja5th for ; Thu, 14 Aug 2014 06:30:09 -0700 (PDT) Received: from mail-la0-x231.google.com (mail-la0-x231.google.com [IPv6:2a00:1450:4010:c03::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24A6F1A061D for ; Thu, 14 Aug 2014 06:30:08 -0700 (PDT) Received: by mail-la0-f49.google.com with SMTP id hz20so1025999lab.22 for ; Thu, 14 Aug 2014 06:30:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=j6D3WUU7XI3VIClaCPIGJGoOZE+bivqu7WavbrY1X6I=; b=BZK84DLOual2VSTJTRPBaiqF0X0p81TR4FoxaehPbtqd3VItgVffYng91EpC2uSqWX sMevjnAZwmuVV+GWlQFbZu/vKyXUES0Ouavb7nc6u681s+j2cSf+0GRcy1deOjPNIsth 4lfCVDM35nXWugMi9thDBNq9Xk/ERDlUgKpGCabZFvIra3apgWVZKrHIIXT49NFdyomJ fIyKv/zHLOFMwDQYNAz0vaZyxJUnU0p+4rpDEfYV1QtjsxHN06R4f7aBvi7AUcUDdTBQ J0Jb337a7d8X7QFbUktUtfmfJbsYY0Cb1ZFwU+aWp+kO+5EkcejXsScM2GjHJhHQG/Tz ZEGQ== MIME-Version: 1.0 X-Received: by 10.112.8.99 with SMTP id q3mr4982902lba.85.1408023007050; Thu, 14 Aug 2014 06:30:07 -0700 (PDT) Sender: barryleiba@gmail.com Received: by 10.152.8.46 with HTTP; Thu, 14 Aug 2014 06:30:06 -0700 (PDT) In-Reply-To: References: <20140813231306.9680818000E@rfc-editor.org> Date: Thu, 14 Aug 2014 09:30:06 -0400 X-Google-Sender-Auth: JLxSfSRZnoT1VpGhakiL0Dc2z7Y Message-ID: From: Barry Leiba To: Scott Kitterman Content-Type: multipart/alternative; boundary=001a1134d1142bc62a050096e7b8 Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/ZRdd8Jk0WOQLTx8kCkK2O_c1NEo Cc: "presnick@qti.qualcomm.com" , "sm+ietf@elandsys.com" , "ajs@anvilwalrusden.com" , "spfbis@ietf.org" , "d.stussy@yahoo.com" , RFC Errata System Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4082) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2014 13:30:11 -0000 --001a1134d1142bc62a050096e7b8 Content-Type: text/plain; charset=ISO-8859-1 Personally, I think 5.7.1 is the right code, until the email-auth-codes draft (which is in the RFC Editor queue) pops out. 5.5.2 seems wrong to me, as well. That said, it's quite clear that what's in the document is what the working group intended, and it's not a valid errata report. I will mark it Rejected. Barry On Wednesday, August 13, 2014, Scott Kitterman wrote: > 5.7.8 talks about things like incorrect password issues. That's not the > kind of authentication at work for SPF. SPF is more strictly about > authorization, not authentication. > > This should be rejected. > > Scott K > > On August 13, 2014 7:13:06 PM EDT, RFC Errata System < > rfc-editor@rfc-editor.org > > wrote: >> >> The following errata report has been submitted for RFC7208, >> "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1". >> >> ------------------------------ >> >> You may review the report below and at: >> http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082 >> >> ------------------------------ >> >> Type: Technical >> Reported by: D. Stussy > >> >> Section: 8.7 >> >> Original Text >> ------------- >> ... If the message is rejected during the SMTP transaction for >> this reason, the software SHOULD use an SMTP reply code of 550 >> and, if supported, the 5.5.2 enhanced status code ... >> >> Corrected Text >> -------------- >> ... If the message is rejected during the SMTP transaction for >> this reason, the software SHOULD use an SMTP reply code of 550 >> and, if supported, the 5.7.8 enhanced status code ... >> Notes >> ----- >> 5.5.2 refers to responses where there's an SMTP COMMAND syntax error. >> 5.7.8 refers to messages where authentication credentials are invalid. >> >> 5.7.8 is a better description for rejecting an unauthorized message due to the >> application of invalid authentication credentials such as bad syntax in an SPF DNS record. >> >> The author of this errata notes that the IANA is showing a pending addition to >> the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of 5.5.2 or >> 5.7.8), but currently sees no valid RFC proposing it. The draft is located at: >> http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 >> >> The use of 5.5.2 here is misleading since the source of the error is not the >> SMTP command stream. >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". If necessary, >> please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party (IESG) >> can log in to change the status and edit the report, if necessary. >> >> ------------------------------ >> >> RFC7208 (draft-ietf-spfbis-4408bis-21) >> ------------------------------ >> >> Title : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 >> Publication Date : April 2014 >> Author(s) : S. Kitterman >> Category : PROPOSED STANDARD >> Source : SPF Update >> Area : Applications >> Stream : IETF >> Verifying Party : IESG >> >> >> --001a1134d1142bc62a050096e7b8 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Personally, I think 5.7.1 is the right code, until the email-auth-codes dra= ft (which is in the RFC Editor queue) pops out. =A05.5.2 seems wrong to me,= as well.

That said, it's quite clear that what'= s in the document is what the working group intended, and it's not a va= lid errata report. =A0I will mark it Rejected.

Barry

On Wednesday, August 13, 2014, Scott Kitte= rman <scott@kitterman.com>= wrote:
5.7.8 talks about things like incorrect password issues. That's no= t the kind of authentication at work for SPF. SPF is more strictly about a= uthorization, not authentication.

This should be rejected.

Scott K

On August 13, 2014 7:13:06 PM EDT= , RFC Errata System <rfc-editor@rfc-editor.= org> wrote:
The following errata report has been submitted for RFC7208,
"S=
ender Policy Framework (SPF) for Authorizing Use of Domains in Email, Versi=
on 1".


You may review the report below and at:

http://www.rfc-editor.org/errata_search.php?rfc=
=3D7208&eid=3D4082


Type: Technical
Reported by: D=
. Stussy <d.stussy@yahoo.com>


Section: 8.7

Original Text
-------------
...  If the messa=
ge is rejected during the SMTP transaction for
this reason, the software=
 SHOULD use an SMTP reply code of 550
and, if supported, the 5.5.2 enhan=
ced status code ...


Corrected Text
--------------
...  If the message is rejected dur=
ing the SMTP transaction for
this reason, the software SHOULD use an SMT=
P reply code of 550
and, if supported, the 5.7.8 enhanced status code ..=
.

Notes
-----
5.5.2 refers to responses where there's an SMT=
P COMMAND syntax error.
5.7.8 refers to messages where authentication cr=
edentials are invalid.

5.7.8 is a better description for rejecting a=
n unauthorized message due to the

application of invalid authentication credentials such as bad syntax in an =
SPF DNS record.

The author of this errata notes that the IANA is sho=
wing a pending addition to
the enhanced codes to add SPF-specific error =
code 5.7.24 (in lieu of 5.5.2 or

5.7.8), but currently sees no valid RFC proposing it.  The draft is located=
 at:
http://tools.ietf.org/html/draft-ietf-appsawg-=
email-auth-codes-07


The use of 5.5.2 here is misleading since the source of the error is no=
t the
SMTP command stream.

Instructions:
-------------
This=
 erratum is currently posted as "Reported". If necessary,
please
use "Reply All" to discuss whether it should be verifie=
d or
rejected. When a decision is reached, the verifying party (IESG)can log in to change the status and edit the report, if necessary. 



RFC7208 (draft-ietf-spfbis-4408bis-21)

Title        =
       : Sender Policy Framework (SPF) for Authorizing Use of Domains in Em=
ail, Version 1
Publication Date    : April 2014
Author(s)           :=
 S. Kitterman

Category            : PROPOSED STANDARD
Source              : SPF Update=

Area                : Applications
Stream              : IETF
Ver=
ifying Party     : IESG


--001a1134d1142bc62a050096e7b8-- From nobody Thu Aug 14 06:34:03 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5B221A0408; Thu, 14 Aug 2014 06:33:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.57 X-Spam-Level: X-Spam-Status: No, score=-102.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L0Dd2tAQAM8J; Thu, 14 Aug 2014 06:33:52 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) by ietfa.amsl.com (Postfix) with ESMTP id CFB971A046D; Thu, 14 Aug 2014 06:33:52 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id CD888180015; Thu, 14 Aug 2014 06:31:59 -0700 (PDT) To: d.stussy@yahoo.com, scott@kitterman.com X-PHP-Originating-Script: 1005:errata_mail_lib.php From: RFC Errata System Message-Id: <20140814133159.CD888180015@rfc-editor.org> Date: Thu, 14 Aug 2014 06:31:59 -0700 (PDT) Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/GWc1itNbWeH-pE1kZE0_NtvA6gk Cc: spfbis@ietf.org, barryleiba@computer.org, iesg@ietf.org, rfc-editor@rfc-editor.org Subject: [spfbis] [Errata Rejected] RFC7208 (4081) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2014 13:33:54 -0000 The following errata report has been rejected for RFC7208, "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4081 -------------------------------------- Status: Rejected Type: Technical Reported by: D. Stussy Date Reported: 2014-08-13 Rejected by: Barry Leiba (IESG) Section: 8.4 Original Text ------------- (Paragraph 2): if supported, the 5.7.1 enhanced status code ... 550 5.7.1 SPF MAIL FROM check failed: 550 5.7.1 The domain example.com explains: 550 5.7.1 Please see http://www.example.com/mailpolicy.html Corrected Text -------------- if supported, the 5.7.7 enhanced status code ... 550 5.7.7 SPF MAIL FROM check failed: 550 5.7.7 The domain example.com explains: 550 5.7.7 Please see http://www.example.com/mailpolicy.html Notes ----- 5.7.1 generally refers to messages refused due to content or LOCAL policies. 5.7.7 refers to messages where there is an integrity problem. 5.7.7 is a better description for rejecting an unauthorized message due to the application of automatic checking criterion set by remote validation. The author of this errata notes that the IANA is showing a pending addition to the enhanced codes to add SPF-specific error code 5.7.23 (in lieu of 5.7.1 or 5.7.7), but currently sees no valid RFC proposing it. The draft is located at: http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 --VERIFIER NOTES-- The code used was the clear choice of the working group, and can't be changed through the errata system. -------------------------------------- RFC7208 (draft-ietf-spfbis-4408bis-21) -------------------------------------- Title : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 Publication Date : April 2014 Author(s) : S. Kitterman Category : PROPOSED STANDARD Source : SPF Update Area : Applications Stream : IETF Verifying Party : IESG From nobody Thu Aug 14 06:34:27 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF2F31A074C; Thu, 14 Aug 2014 06:34:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -107.57 X-Spam-Level: X-Spam-Status: No, score=-107.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ixOEhzs3ZAOv; Thu, 14 Aug 2014 06:34:14 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) by ietfa.amsl.com (Postfix) with ESMTP id CF3E21A046D; Thu, 14 Aug 2014 06:34:14 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id CDE7C180015; Thu, 14 Aug 2014 06:32:21 -0700 (PDT) To: d.stussy@yahoo.com, scott@kitterman.com X-PHP-Originating-Script: 1005:errata_mail_lib.php From: RFC Errata System Message-Id: <20140814133221.CDE7C180015@rfc-editor.org> Date: Thu, 14 Aug 2014 06:32:21 -0700 (PDT) Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/VUxIqx0Gmb7V9oxMsIx4l76GrF8 Cc: spfbis@ietf.org, barryleiba@computer.org, iesg@ietf.org, rfc-editor@rfc-editor.org Subject: [spfbis] [Errata Rejected] RFC7208 (4082) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2014 13:34:21 -0000 The following errata report has been rejected for RFC7208, "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082 -------------------------------------- Status: Rejected Type: Technical Reported by: D. Stussy Date Reported: 2014-08-13 Rejected by: Barry Leiba (IESG) Section: 8.7 Original Text ------------- ... If the message is rejected during the SMTP transaction for this reason, the software SHOULD use an SMTP reply code of 550 and, if supported, the 5.5.2 enhanced status code ... Corrected Text -------------- ... If the message is rejected during the SMTP transaction for this reason, the software SHOULD use an SMTP reply code of 550 and, if supported, the 5.7.8 enhanced status code ... Notes ----- 5.5.2 refers to responses where there's an SMTP COMMAND syntax error. 5.7.8 refers to messages where authentication credentials are invalid. 5.7.8 is a better description for rejecting an unauthorized message due to the application of invalid authentication credentials such as bad syntax in an SPF DNS record. The author of this errata notes that the IANA is showing a pending addition to the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of 5.5.2 or 5.7.8), but currently sees no valid RFC proposing it. The draft is located at: http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07 The use of 5.5.2 here is misleading since the source of the error is not the SMTP command stream. --VERIFIER NOTES-- The code used was the clear choice of the working group, and can't be changed through the errata system. -------------------------------------- RFC7208 (draft-ietf-spfbis-4408bis-21) -------------------------------------- Title : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 Publication Date : April 2014 Author(s) : S. Kitterman Category : PROPOSED STANDARD Source : SPF Update Area : Applications Stream : IETF Verifying Party : IESG From nobody Thu Aug 14 11:35:18 2014 Return-Path: X-Original-To: spfbis@ietfa.amsl.com Delivered-To: spfbis@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3E881A6F1F for ; Thu, 14 Aug 2014 11:35:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NRdZL2UM_yZM for ; Thu, 14 Aug 2014 11:35:16 -0700 (PDT) Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C9A11A0266 for ; Thu, 14 Aug 2014 11:35:16 -0700 (PDT) Received: by mail-we0-f172.google.com with SMTP id x48so1444672wes.17 for ; Thu, 14 Aug 2014 11:35:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=KRma8wK73jNtdmip/t+ZBCzpc2HqAvcggQXwpf+A6z8=; b=Nla9M9PFVrWFcD874vJBzENgg+2dYuBVpV1TGZcPXbULccY8yZLY5e2095KPiIZz5L edMA0ZfZXWKqzWV2tIfjQsWKKUqCAN5Eauv3IEkbFH4lXC9AOaKE/UGLaWmz+AmNMB2Q VhN+918OejYrT+toRew1eNkFZB44W6hIpJ7QPRrhyS0HREBaKeIneoxGhCgO3CxikEt8 pDbm45JEyc/aghed5Qj1j0tkxbw4oY/kyBiHEXvd9HoUwj9WaBQSPeKE8pYcVrSB46pl PATpyeRuWuKCWqhrwIMboEvqH+GTW7/iddxEkLLWA0ZPq1w40Yt0R6sh9UpIhKyvJtD5 pYxQ== MIME-Version: 1.0 X-Received: by 10.180.75.14 with SMTP id y14mr14720756wiv.79.1408041314825; Thu, 14 Aug 2014 11:35:14 -0700 (PDT) Received: by 10.180.35.42 with HTTP; Thu, 14 Aug 2014 11:35:14 -0700 (PDT) In-Reply-To: <20140813231306.9680818000E@rfc-editor.org> References: <20140813231306.9680818000E@rfc-editor.org> Date: Thu, 14 Aug 2014 11:35:14 -0700 Message-ID: From: "Murray S. Kucherawy" To: RFC Editor Content-Type: multipart/alternative; boundary=f46d043c8200663d1305009b2aaa Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/QcjYNLlwpojz4EpOz9ju_Gd_Kdo Cc: Scott Kitterman , Pete Resnick , SM , Andrew Sullivan , "spfbis@ietf.org" , d.stussy@yahoo.com, Barry Leiba Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4082) X-BeenThere: spfbis@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: SPFbis discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2014 18:35:17 -0000 --f46d043c8200663d1305009b2aaa Content-Type: text/plain; charset=UTF-8 On Wed, Aug 13, 2014 at 4:13 PM, RFC Errata System < rfc-editor@rfc-editor.org> wrote: > The following errata report has been submitted for RFC7208, > "Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, > Version 1". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082 > > -------------------------------------- > Type: Technical > Reported by: D. Stussy > > Section: 8.7 > > Original Text > ------------- > ... If the message is rejected during the SMTP transaction for > this reason, the software SHOULD use an SMTP reply code of 550 > and, if supported, the 5.5.2 enhanced status code ... > > Corrected Text > -------------- > ... If the message is rejected during the SMTP transaction for > this reason, the software SHOULD use an SMTP reply code of 550 > and, if supported, the 5.7.8 enhanced status code ... > I disagree. 5.7.8 specifically refers to AUTH (as in SMTP AUTH, RFC 4954 I believe) in its definition. SPF failures have nothing to do with AUTH. -MSK --f46d043c8200663d1305009b2aaa Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On Wed, Aug 13, 2014 at 4:13 PM, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
The following errata report has been submitt= ed for RFC7208,
"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email= , Version 1".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc= =3D7208&eid=3D4082

--------------------------------------
Type: Technical
Reported by: D. Stussy <d.stussy@y= ahoo.com>

Section: 8.7

Original Text
-------------
... =C2=A0If the message is rejected during the SMTP transaction for
this reason, the software SHOULD use an SMTP reply code of 550
and, if supported, the 5.5.2 enhanced status code ...

Corrected Text
--------------
... =C2=A0If the message is rejected during the SMTP transaction for
this reason, the software SHOULD use an SMTP reply code of 550
and, if supported, the 5.7.8 enhanced status code ...
=
I disagree.=C2=A0 5.7.8 specifically refers to AUTH (as in S= MTP AUTH, RFC 4954 I believe) in its definition.=C2=A0 SPF failures have no= thing to do with AUTH.

-MSK
--f46d043c8200663d1305009b2aaa--